What i am doing wrong here?
-
And what about forwarding the traffic to pfsense?
"my modem local ip 192.168.1.10"
If wan on pfsense is 192.168.1.0/24 pfsense is behind a NAT and you would have to forward the ports for openvpn to pfsense wan if you ever expect to connect to it.
-
hi. sorry to late replay. my pfsense ip 192.168.1.68.
on my modem pfsense(192.168.1.68) DMZ
should i need manually port forward pfsense????
-
if you put it in the dmz no, so do a sniff on pfsense do you see the openvpn traffic reaching it? Can you do a canyouseeme.org to your tcp your listening on for openvpn. Seems odd to run 1194 on both tcp and udp. Common practice if going to listen on tcp for openvpn is use say 443, which is almost always open everywhere there is internet access. 1194 tcp not so much.. And udp 1194 as well not so much.
This really is clickity clickity in the wizard.. If your not seeing your connection attempts even would think you have something infront blocking. Since your behind a nat to pfsense my guess would be that device. Maybe your dmz is not working or not correct?
-
hi. no Idea whats going wrong. seems everything ok. just cant connect from my Android Tab. which is out side from my network. i mean from another internet connections….
-
Dude did you sniff to see if the traffic is getting there even? Takes all of 2 seconds..
What does error log show on the tab?
I saw your PM, send me login info and will take a look see.
-
Your pfSense box WAN= 192.168.1.68 ?
Your pfSense box LAN= 192.168.10.1 ?
If so then get rid of the port forward rules you show above.
Get rid of WAN rules going to 192.168.1.68 the first rule to "WAN Address" already does it for you.
on OpenVPN firewall tab make rule destination to LAN Subnet.
-
Yeah those port forwards are pointless.. And could be breaking it.. Those sure were not put in by the wizard.. Like I said setting up openvpn is clickity clickity on the wizard and your up and running.
-
hi. sorry for my late replay. as i am testing setup a lot so my ip address also changing. here is what i have now
My my modem lan ip - 192.168.1.1
my pfsense lan ip - 192.168.10.1
and my pfsense wan ip - 192.168.1.80
here are my all latest rules
no port forward rules atm
-
So you didn't open up remote for me.. So how would I get in?? I did a scan of that IP you sent me and comes back with no ports open..
If you want me to take a look you have to allow port your webgui is listening on? 80, 443? Why don't you allow ping to we can test if your IP even answers ping..
I would guess your router in front of pfsense is not set to put your pfsense wan IP in dmz… Or that feature is not working.
-
Already did that for you
-
hi. back again. i found the problem. it was my modem firewall which was blocking my openvpn. now i can connect to my vpn. but why my ip not changing?
my openvpn server on my 2nd net connection. but when i connect from my 1st connection. the IP address remain same?
please tell me what i need to do now…thnx a lot
-
dude your IP still does not ping, nor does it allow me login to the gui.
Thought you said you put pfsense in your dmz of your "modem"..
-
hi. back again. sorry i told you before i am testing a lot. so this is not my main server. when i am on only that time i open my pfsense(openvpn server). also my problem was my modem(router) which was blocking my server. i have changed my modem now all ok for me. but i have little problem. i cant login more than 1 user at a time. i made 3 user account and i can login all 3 but not same time. please let me know how to solve this problem. thanks a lot. Marry Christmas
-
Are you able to bridge your modem so that your pfSense box gets a public IP address? Sure would make things easier on you.
-
hi. yes my modem is in bridge mode and my pfsense getting the public ip address. openvpn also working. just i cant login all my 3 account at same time. but i can login 1 at a time. what i have to do for this problem. thank you
-
change you the number of concurrent connections.
Are you using the same user/certs or do you have 3 different ones?
-
hi. sorry for late replay. yes i put 6 where you putted 2. and yes 3 different user but same CA. is it ok?
-
whatever number you want is ok.. They could all be same cert/user if you wanted, etc. That is up to you.
-
hi. then why i cant login all 3 same time? i can login only 1 at a time. please let me know what to do…thank you
-
dude I have NO freaking idea what your doing wrong, since you have provided NOTHING in the way of information… What does the log say on both the server and the client when your saying it doesn't log in?
